Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aliaksandr hartsuyeu vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2006-0461
Cross-site scripting (XSS) vulnerability in core.input.php in ExpressionEngine 1.4.1 allows remote malicious users to inject arbitrary web script or HTML via HTTP_REFERER (referer).
Pmachine Expressionengine 1.4.1
1 EDB exploit
668
VMScore
CVE-2006-0606
SQL injection vulnerability in Unknown Domain Shoutbox 2005.07.21 allows remote malicious users to execute arbitrary SQL commands via unknown attack vectors.
Unknown Domain Shoutbox 2005-07-21
755
VMScore
CVE-2006-0234
SQL injection vulnerability in index.php in microBlog 2.0 RC-10 allows remote malicious users to execute arbitrary SQL commands via the (1) month and (2) year parameters.
Microblog Microblog 2.0 Rc10
1 EDB exploit
505
VMScore
CVE-2006-0312
create.php in aoblogger 2.3 allows remote malicious users to bypass authentication and create new blog entries by setting the uza parameter to 1.
Mike Helton Aoblogger 2.3
1 EDB exploit
755
VMScore
CVE-2006-0491
SQL injection vulnerability in SZUserMgnt.class.php in SZUserMgnt 1.4 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Subzane Szusermgnt 1.4
1 EDB exploit
755
VMScore
CVE-2006-0079
SQL injection vulnerability in auth.php in ScozNet ScozBook BETA 1.1 allows remote malicious users to execute arbitrary SQL commands via the username field (adminname variable).
Scoznet Scozbook 1.1 Beta
1 EDB exploit
515
VMScore
CVE-2006-1568
Multiple cross-site scripting (XSS) vulnerabilities in register.php in RedCMS 0.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) email, (2) location, or (3) website parameters.
Redcms Redcms 0.1
1 EDB exploit
505
VMScore
CVE-2006-1613
Multiple SQL injection vulnerabilities in aWebNews 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) user123 variable in (a) login.php or (b) fpass.php; or (2) cid parameter to (c) visview.php.
Aweb Labs Awebnews 1.0
1 EDB exploit
755
VMScore
CVE-2006-0209
SQL injection vulnerability in general_functions.php in TankLogger 2.4 allows remote malicious users to execute arbitrary SQL commands via the (1) livestock_id parameter to showInfo.php and (2) tank_id parameter, possibly to livestock.php.
Tanklogger Tanklogger 2.4
1 EDB exploit
755
VMScore
CVE-2006-0318
SQL injection vulnerability in index.php in BlogPHP 1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands and bypass authentication via the username parameter in a login action.
Insane Visions Blogphp 1.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »